security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-07-02 22:46:30 +02:00
Code Activity

Improved detection of bad/invalid signer keys.

Browse source
This commit is contained in:
Werner Koch 2009-08-06 20:12:00 +00:00
parent f27bdef888
commit 019601191a
13 changed files with 122 additions and 63 deletions
Download patch file Download diff file Expand all files Collapse all files

10
sm/ChangeLog
View file

@ -1,3 +1,13 @@
2009-08-06 Werner Koch <wk@g10code.com>
* sign.c (gpgsm_sign): Print INV_SNDR for a bad default key.
* server.c (cmd_signer): Remove unneeded case for -1. Send
INV_SGNR. Use new map function.
(cmd_recipient): Use new map function.
* gpgsm.c (do_add_recipient): Use new map function for INV_RECP.
(main): Ditto. Also send INV_SGNR.
2009-07-30 Werner Koch <wk@g10code.com>
* call-agent.c (learn_cb): Do not store as ephemeral.

27
sm/gpgsm.c
View file

@ -704,17 +704,7 @@ do_add_recipient (ctrl_t ctrl, const char *name,
{
log_error ("can't encrypt to `%s': %s\n", name, gpg_strerror (rc));
gpgsm_status2 (ctrl, STATUS_INV_RECP,
gpg_err_code (rc) == -1? "1":
gpg_err_code (rc) == GPG_ERR_NO_PUBKEY? "1":
gpg_err_code (rc) == GPG_ERR_AMBIGUOUS_NAME? "2":
gpg_err_code (rc) == GPG_ERR_WRONG_KEY_USAGE? "3":
gpg_err_code (rc) == GPG_ERR_CERT_REVOKED? "4":
gpg_err_code (rc) == GPG_ERR_CERT_EXPIRED? "5":
gpg_err_code (rc) == GPG_ERR_NO_CRL_KNOWN? "6":
gpg_err_code (rc) == GPG_ERR_CRL_TOO_OLD? "7":
gpg_err_code (rc) == GPG_ERR_NO_POLICY_MATCH? "8":
"0",
name, NULL);
get_inv_recpsgnr_code (rc), name, NULL);
}
else
log_info (_("NOTE: won't be able to encrypt to `%s': %s\n"),
@ -1570,19 +1560,10 @@ main ( int argc, char **argv)
{
log_error (_("can't sign using `%s': %s\n"),
sl->d, gpg_strerror (rc));
gpgsm_status2 (&ctrl, STATUS_INV_SGNR,
get_inv_recpsgnr_code (rc), sl->d, NULL);
gpgsm_status2 (&ctrl, STATUS_INV_RECP,
gpg_err_code (rc) == -1? "1":
gpg_err_code (rc) == GPG_ERR_NO_PUBKEY? "1":
gpg_err_code (rc) == GPG_ERR_AMBIGUOUS_NAME? "2":
gpg_err_code (rc) == GPG_ERR_WRONG_KEY_USAGE? "3":
gpg_err_code (rc) == GPG_ERR_CERT_REVOKED? "4":
gpg_err_code (rc) == GPG_ERR_CERT_EXPIRED? "5":
gpg_err_code (rc) == GPG_ERR_NO_CRL_KNOWN? "6":
gpg_err_code (rc) == GPG_ERR_CRL_TOO_OLD? "7":
gpg_err_code (rc) == GPG_ERR_NO_POLICY_MATCH? "8":
gpg_err_code (rc) == GPG_ERR_NO_SECKEY? "9":
"0",
sl->d, NULL);
get_inv_recpsgnr_code (rc), sl->d, NULL);
}
}

40
sm/server.c
View file

@ -384,20 +384,8 @@ cmd_recipient (assuan_context_t ctx, char *line)
&ctrl->server_local->recplist, 0);
if (rc)
{
gpg_err_code_t r = gpg_err_code (rc);
gpgsm_status2 (ctrl, STATUS_INV_RECP,
r == -1? "1":
r == GPG_ERR_NO_PUBKEY? "1":
r == GPG_ERR_AMBIGUOUS_NAME? "2":
r == GPG_ERR_WRONG_KEY_USAGE? "3":
r == GPG_ERR_CERT_REVOKED? "4":
r == GPG_ERR_CERT_EXPIRED? "5":
r == GPG_ERR_NO_CRL_KNOWN? "6":
r == GPG_ERR_CRL_TOO_OLD? "7":
r == GPG_ERR_NO_POLICY_MATCH? "8":
r == GPG_ERR_MISSING_CERT? "11":
"0",
line, NULL);
get_inv_recpsgnr_code (rc), line, NULL);
}
return rc;
@ -415,10 +403,7 @@ cmd_recipient (assuan_context_t ctx, char *line)
has to take care of this. All SIGNER commands are cumulative until
a RESET but they are *not* reset by an SIGN command becuase it can
be expected that set of signers are used for more than one sign
operation.
Note that this command returns an INV_RECP status which is a bit
strange, but they are very similar. */
operation. */
static int
cmd_signer (assuan_context_t ctx, char *line)
{
@ -429,21 +414,12 @@ cmd_signer (assuan_context_t ctx, char *line)
&ctrl->server_local->signerlist, 0);
if (rc)
{
gpg_err_code_t r = gpg_err_code (rc);
gpgsm_status2 (ctrl, STATUS_INV_RECP,
r == -1? "1":
r == GPG_ERR_NO_PUBKEY? "1":
r == GPG_ERR_AMBIGUOUS_NAME? "2":
r == GPG_ERR_WRONG_KEY_USAGE? "3":
r == GPG_ERR_CERT_REVOKED? "4":
r == GPG_ERR_CERT_EXPIRED? "5":
r == GPG_ERR_NO_CRL_KNOWN? "6":
r == GPG_ERR_CRL_TOO_OLD? "7":
r == GPG_ERR_NO_POLICY_MATCH? "8":
r == GPG_ERR_NO_SECKEY? "9":
r == GPG_ERR_MISSING_CERT? "11":
"0",
line, NULL);
gpgsm_status2 (ctrl, STATUS_INV_SGNR,
get_inv_recpsgnr_code (rc), line, NULL);
/* For compatibiliy reasons we also issue the old code after the
new one. */
gpgsm_status2 (ctrl, STATUS_INV_RECP,
get_inv_recpsgnr_code (rc), line, NULL);
}
return rc;
}

12
sm/sign.c
View file

@ -372,6 +372,8 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
if (!cert)
{
log_error ("no default signer found\n");
gpgsm_status2 (ctrl, STATUS_INV_SGNR,
get_inv_recpsgnr_code (GPG_ERR_NO_SECKEY), NULL);
rc = gpg_error (GPG_ERR_GENERAL);
goto leave;
}
@ -382,7 +384,15 @@ gpgsm_sign (ctrl_t ctrl, certlist_t signerlist,
if (!rc)
rc = gpgsm_validate_chain (ctrl, cert, "", NULL, 0, NULL, 0, NULL);
if (rc)
goto leave;
{
char *tmpfpr;
tmpfpr = gpgsm_get_fingerprint_hexstring (cert, 0);
gpgsm_status2 (ctrl, STATUS_INV_SGNR,
get_inv_recpsgnr_code (rc), tmpfpr, NULL);
xfree (tmpfpr);
goto leave;
}
/* That one is fine - create signerlist. */
signerlist = xtrycalloc (1, sizeof *signerlist);